“Deleted Items” Is Not a Good Place to Store Things

May 7th, 2012

Several times in my career I have come across users who delete things in MS Outlook (or another email or file system) and keep said messages or documents in the Trash or Deleted Items folder. This is a Bad Idea™ for the following reasons.  Read the rest of this entry »

Posted in Email, Internet | No Comments »

Password Forensic Kit 11.5 – Software Review

April 30th, 2012

Passware Password Kit Forensic 11.5
Publisher: Passware, Inc.
Price: $995
Product Page

This month, I obtained a review copy of Passware’s “Passware Password Kit Forensic 11.5″. For brevity’s sake, I’ll refer to it as “Passware” for the rest of this review. Passware is a password recovery/cracking system which has the ability to work on multiple file types. The Forensic Kit version adds more features, such as cracking of filesystem passwords and resetting Windows user account passwords. Read the rest of this entry »

Posted in Security | Comments Off

4 Reasons a Clean Inbox Will Save You Time (and Money)

April 23rd, 2012

We frequently run across client machines of all sorts who complain of various problems related to email. Many of them have one thing in common: thousands of messages in their Inbox. I’ve been saying this for years, and I still believe that sloppy email management is the cause of problems on every mail system I have encountered, (with the possible exception of Gmail).

Here are the reasons why you do not want to keep all of your mail in your inbox:

1. It is hard to find things.
On several occasions, I have observed people who leave everything in their inbox because “that way I can find everything.” When I have observed these people trying to find things, it’s almost always painful to watch because in general, they “find” things manually, by scrolling through their inbox. They often fail to do even basic things to help their manual search, like sorting by sender, subject, or date. Clearly, a human should not be wading through thousands of messages trying to find a specific one. (The words “needle” and “haystack” come to mind). By moving messages into separate folders which you pick in advance, you can more easily find things when you need them.

If you ever spend time scrolling up and down through your inbox, looking for a message that you misplaced, you’re wasting time and money.

2. It slows your system down.

Just imagine that every time you look for a piece of paper on your desk, you need to sift through thousands of other pieces of paper to get to it. How inefficient is that? Regardless of how fast your computer is, you are putting an extra load on it by constantly making it process all of these documents. Even if you are not looking at your inbox, it is being accessed every time you send and receive mail from your server. This will slow down your mail client and system overall. Recently I have had several clients complaining of slowness, and the cause has frequently been that MS Outlook is open, and they have thousands of messages in the inbox. Simply moving everything to another folder, like Inbox2, addresses this problem.

If you ever spend time staring at your email client while it sits and “thinks” for long periods of time, seemingly doing nothing, while it’s actually processing your inbox trying to sort things out, you’re wasting time and money.

3. It is sloppy.

I can’t think of anybody whose real inbox (on their desk) or their mailbox (outside their house, at the post office, etc.) is the final repository for all of their mail, and their e-mail inbox shouldn’t be either. Gmail encourages you to just forget about filing things, and leaving everything in the inbox. That may work for Gmail, but don’t do this on other mail systems.

4. You’re keeping all of your proverbial eggs (messages) in one basket (inbox).

Just yesterday I had a client call and inform me that Outlook Express had stopped downloading his mail. It turned out that he had hard drive corruption, and his inbox (which contained emails going back over three years, and over 3,000 messages in it) was one of the affected files. Ouch. With a local email store on a notebook, and only a backup from two years ago, the chances for recovery look slim. Note that unless you are archiving files into separate PST stores, MS Outlook does keep everything in a single file, so additional steps are required to make it more fault tolerant.

If your email is all in one, monolithic file, and something goes wrong with that file, it can be very difficult to recover your messages.

Posted in Email, Internet | Comments Off

Why Am I Getting “Email Rejected” or Undeliverable Messages?

April 16th, 2012

Every now and then we get a call from a client, telling us that they are receiving messages stating that their emails are being rejected, or “bouncing.” The catch? They never sent the email in the first place. So what’s going on?

Although we don’t see as much of this as we did several years back, what’s often happening is that someone else, with whom the client has corresponded, has a virus-infected computer, and that machine is sending out junk email (or viruses), purporting to be our client.

Forging an email, purporting to be someone whom you are not, is trivial, and unless you and/or your email provider have taken steps to secure your systems and your domain, anyone with a little know-how can easily send email as anyone, including you.

In the following graphic, we see an example, where Joe@example.com corresponds with Sally@example.net. An Evil Badguy manages to insert a virus onto Sally’s computer, and it starts to send out spam and viruses. But, this virus is smart! It doesn’t send the emails as Sally – it sends them emails as some random recipient in Sally’s address book, in this case, Joe. When Bob receives “Joe’s” email, he emails Joe to complain, but Joe has no idea what’s going on. He’s even scanned his computer for viruses and found no sign. In an effort to prevent this, Joe could set up an SPF record on his domain, example.com, so that only authorized computers could send emails claiming to be example.com, which could help cut down this sort of behavior.

3rd party virus emails

3rd party virus emails

If you think you are the victim of such a charade, contact us to see how Paradigm can help shield your domain from these attacks.

Posted in Email, Internet, Phishing, Scams | Comments Off

6 Mistakes to Avoid When Choosing An Email Provider

April 9th, 2012

Many businesses are moving to cloud-based services, especially for email. Here are some of the mistakes we’ve seen, and how you can avoid them.

1. Hosting Email Yourself (in-house)

Properly maintaining an email server, like maintaining any piece of critical IT infrastructure, is not a simple task. Too many companies choose to run their own internal email server because it’s “cheaper” than outsourcing. Nothing could be further from the truth! There is more to maintaining a mail server than just turning it on and forgetting it. Servers need frequent regular attention, often on a daily, if not more frequent basis. They need to patched, upgraded, backed up, and monitored to make sure they are up, stable, and secure. On several occasions we have come across client systems which have been compromised, in one form or another, for months, and nobody knew! If you choose to host your email in house, be sure that your IT staff (or outsourced providers) are doing regular, frequent maintenance on your mail servers.

2. Using Your ISP for Email

Most ISPs don’t want to host your email. They want to be in the business of providing Internet access. Email came along because users demanded it, and many ISPs added this feature in as an afterthought. Your ISP’s mail server is often overloaded, slow, and will have prohibitively low storage and attachment limits.

In 2008, Charter Communications (accidentally) deleted 14,000 users’ mailboxes with no option to restore any of the deleted mail. Does that sounds like a company that takes email seriously?

Also, many ISPs will not host your domain, example.com, and force you to use their domain name in your email address, so instead of you being able to send email as you@yourcompanyname.com, it has to be something like yourcompany@yourISP.com, which looks very unprofessional and fly-by-night. Nothing screams “unprofessional” like an email address with @aol.com, @gmail.com, or @comcast.net in it for your business.

Finally, if your ISP gets acquired or goes out of business, or you change your ISP, your email address need to change, and you are almost certain to lose emails because people will have an old email address for you in their address book.

3. Falling for the Promise of “24x7x365 Support”

Large email providers love to tell you about their 24x7x365 support. What they don’t tell you is that, while you may actually get to speak to a human to request support, the real engineers and technicians who do the hard work to get problems fixed work a 9-5 schedule, so if you do have a problem after hours, you may end up waiting until the next morning anyway! Having a relationship with a trusted provider is much more valuable than playing the game of 24×7 roulette.

4. Not understanding Your SLA (Service Level Agreement)

Does your email provider offer you a 99.9999% uptime guarantee? What happens when they go down for a few hours? Do they pay you back? No. SLAs vary from vendor to vendor, so be sure to understand what yours promises, what you will get when they go down, and what you won’t. What you will get is a portion of your bill cut, depending on the SLA, but you’ll have to apply to your provider’s billing department and request this credit.

5. Choosing the Bells and Whistles (you’ll never use)

Many hosted email providers will boast features are overkill for small businesses. Most small businesses do not need to be compliant with HIPAA, PCI, and SOX, but many email providers will boast their compliance packages and try to sell you on them. Granted, most organizations we work with could benefit from a lot of additional features that never occurred to them. Just because you don’t have a feature now doesn’t mean you can’t benefit from them, but don’t be sold on the promise of something without making sure it is really a benefit, not just an extra monthly charge on your account.

6. Looking at price first, features and benefits second (or never)

Price matters, but meeting your needs matters more. Yes, you could choose to host your email for free with your ISP, but it’s worth a few dollars per month to have your own domain name, larger message attachment sizes, collaboration and other features that you will actually use. Before making a decision, make sure that you are comparing identical or at least very similar features, and then come down to price, but not before.

 

Posted in Business, Email, Internet, System Administration | Comments Off

6 Simple Ways to Not Be a Spammer

April 3rd, 2012

While several of our clients are involved in legitimate bulk emailing, some are not following these simple rules, making them “junk emailers” or “spammers.” When I say legitimate, I mean that the messages are not unsolicited spam or junk mail messages. But what constitutes junk? One person’s idea of junk might be another person’s “valuable message for our customers.” How do you know what’s what?

As one of my colleagues says, “it’s not about the content, it’s about the consent.” Quite simply, it doesn’t matter how important your email is, or how important you think it is. If it wasn’t requested by the recipient, or they did not ask for your marketing emails, it can be considered spam or junk mail.

When people receive any email, they normally have the option to report messages as spam back to their ISP or email provider. These reports get collected and sent to spam reporting companies who compile lists of email servers, IP addresses, and domains which are generating spam. If your server, IP address, or domain gets flagged as a spammer, you can be blacklisted, which can result in your emails being rejected, even by people and businesses you deal with regularly, for days or even weeks!

Spam Spam Spam Spam Spam So how can you avoid being a spammer? There are several steps, most of them relatively simple, to ensure this.

  1. Use a legitimate email list. By this, I mean one that you assembled yourself, not something you bought, and not something you assembled out of various correspondences or subterfuge, such as automatically adding people to a list when they contact you, or buy one of your products. This behavior is a violation of the 2003 CAN-SPAM act. In other words, it’s illegal and you can be fined for it.
  2. Be legitimate. If you’re trying to sell something, say you’re trying to sell something. Although you can be subtle about it, don’t mask the fact, and don’t pretend to be selling something you’re not.
  3. Send your email in plain text. Most marketing departments will nix this immediately, so if you are going to send HTML (pretty pictures and colors) email, be sure that it is standards-compliant and well-formed. Be sure whomever is creating your HTML emails knows what this means and can verify this if you don’t.
  4. Display your domain name’s registration information publicly. Don’t hide behind a proxy domain name registrar to keep your information private, as it makes you look like you’re a spammer who is trying to hide something.
  5. Use consistent “from” email addresses, e.g., “announcements@example.com.”
  6. Set Sender Policy Framework (SPF) records for your domain. SPF is a system which defines what email servers are allowed to send email on your behalf, which helps prevent unauthorized mail servers forge your addresses (which would allow spammers to pretend to be you, and make you look bad).

If any of these sound too technical for you to handle on your own, contact us today and request a free audit of your bulk mailing practices so that we can assist you further to be compliant and, more importantly, to avoid an unplanned outage of your email system.

References:

Posted in Email, Internet, Scams | 1 Comment »

Application Review: Evernote

March 13th, 2012
Evernote Web

Evernote Web

Evernote is a cloud-based service for taking notes and storing all kinds of data. I use it mostly for text and photo snapshots, but will also store documents and audio files from time to time. Without a doubt, it is one of my favorite applications, which I use on Windows, Macintosh, iOS and (sort of) Linux. Read the rest of this entry »

Posted in Desktop Software, Internet | 2 Comments »

Stopping Spam’s Sorry State

February 21st, 2012

This weekend, I received a call from a client whose email domain had been blacklisted, something that could very easily happen to you, too. Read the rest of this entry »

Posted in Email, Internet | Comments Off

Position Opening – Information Systems Technician Level 1

January 19th, 2012

Paradigm Consulting Co., a leading provider of information technology and security services, is seeking an Information Systems Technician – Level I. Duties include working as part of a team to provide technical support to a diverse range of clients with Windows, Mac, and Linux systems.

Associate in Info Tech or equivalent experience required. A+, Network+, Security+, MCSA, MCSE, or GIAC certs (GSEC) desirable.

Strong customer service skills and outstanding written and verbal communications skills are a must. If you love providing end-users with the solutions to their technical problems, this may be the job for you. This job can be fast-paced, so applicants must be able to very quickly adapt to new situations and learn new skills. Applicants must be able to very quickly adapt to new circumstances and surroundings, to provide quick responses to client issues. As part of a small company, you’ll be expected to work closely as part of a strong team, so prepare to exercise and develop those mental muscles!

Local travel within central Vermont required. Occasional overtime/after hours work required.

Apply by emailing resumes to jobapps at paradigm CC dot com.

Posted in Uncategorized | Comments Off

How To Recognize a Nigerian Scam

December 8th, 2011

It’s quite simple, really – if it sounds too good to be true, it probably is. Here’s an email one of our staff received in response to an inquiry to a Craigslist apartment listing. See if you can spot the red flags. Read the rest of this entry »

Posted in Internet, Scams, Security | Comments Off

« Older Entries